This info will eventually be converted into a new guide as well. I need to make 2 new guides. Some simple connection guides and then also a guide for hosting Q3 servers in linux using some IP Tables configs in order to "sort of" defend against this problem. All the IP Tables fixes do is prevent your machine from reflecting data, but I don't think it stops the incoming flow of traffic if your IP gets absolved into one of these swarms.

I was recently configuring a new router I got, the ASUS RT-N56U. It has a DoS protection feature. I was wondering if anyone knows if this would be a good way to thwart your local server getting absorbed into a swarm?

I was recently configuring a new router I got, the ASUS RT-N56U. It has a DoS protection feature. I was wondering if anyone knows if this would be a good way to thwart your local server getting absorbed into a swarm?

Sorry for the grave digging, but are you referring to WAN ping blocking ( ICMP Ping blocking) by any chance?

If that is what you are referring to then yes it does help because it make it to where it wont reply to any pings from a scan, but there are ways around that, say like they somehow know your info (IP and ports used) then it would not matter if you had wan ping blocking enabled or not. All it does is help protect you from scans.

My router does ICMP Ping blocking (wan ping blocking) and have it enabled to lower my chances of being detected by a scan. Its sad that anyone wants to even do such a thing.

"One financial institution, Prolexic reported in its recent Multiplayer Video Gaming Attacks report (register to download), suffered a sustained DDoS attack that saw 5Gbps of traffic, sent from 605 different IP addresses, pummelling the target after being diverted through multiplayer game servers for Call of Duty 2, Quake, and Quake 3.

Prolexic, which specialises in DDoS mitigation, picked up and stopped the attack, which saw more than 975,000 packets per second flung at the victim organisation from servers in nearly 30 countries. The toolkit allowed the spoofing of the attacker’s identity by replacing it with the same address as the target."

Soon I am going to setup a test server on an Amazon EC2 Cloud Instance to see how well it performs. This could be a great way to have some more servers in the list, because it would allow us to kill the server and spin up a new EC2 instance... with a new IP address, if the server were to be absorbed into a Reflective DDOS Swarm.